... security operations. 2. UEBA & Analytics Engineering (30%) · Develops custom UEBA detection rules , anomaly models, ML-based behavior patterns, and advanced hunting queries (KQL). · Builds and ...
Quick apply
... security operations. 2. UEBA & Analytics Engineering (30%) · Develops custom UEBA detection rules , anomaly models, ML-based behavior patterns, and advanced hunting queries (KQL). · Builds and ...
Quick apply
... security operations. 2. UEBA & Analytics Engineering (30%) · Develops custom UEBA detection rules , anomaly models, ML-based behavior patterns, and advanced hunting queries (KQL). · Builds and ...
... analysis, security information event management platforms, endpoint threat detection tools, and security operations ticket management. This position will support activities within Special Access ...
New
... analysis, security information event management platforms, endpoint threat detection tools, and security operations ticket management. This position will support activities within Special Access ...
New
... analysis, security information event management platforms, endpoint threat detection tools, and security operations ticket management. This position will support activities within Special Access ...
Quick apply
... analysis, security information event management platforms, endpoint threat detection tools, and security operations ticket management. This position will support activities within Special Access ...
Jersey City, NJ · On-site +1
Security Operations Engineer Location: Remote Duration: 6-12 months Security Operations Engineer to ... Monitor and analyze alerts from SIEM and other security tools (e.g., Splunk, QRadar, Sentinel ...
Jersey City, NJ · On-site +1
Security Operations Engineer Location: Remote Duration: 6-12 months Security Operations Engineer to ... Monitor and analyze alerts from SIEM and other security tools (e.g., Splunk, QRadar, Sentinel ...
Springfield, IL · On-site
$80K - $112K/yr
Summary of Duties and Responsibilities Under the direction of the Chief Information Security Officer, the Cybersecurity Operations Analyst will be responsible for day-to-day security event monitoring ...
Springfield, IL · On-site
$80K - $112K/yr
Summary of Duties and Responsibilities Under the direction of the Chief Information Security Officer, the Cybersecurity Operations Analyst will be responsible for day-to-day security event monitoring ...
P-11 Security SOC Analyst's primary function is to provide comprehensive Computer Network Defense ... strong analytical and technical skills in computer network defense operations, ability to lead ...
New
P-11 Security SOC Analyst's primary function is to provide comprehensive Computer Network Defense ... strong analytical and technical skills in computer network defense operations, ability to lead ...
New
... analysis, security information event management platforms, endpoint threat detection tools, and security operations ticket management. This position will support activities within Special Access ...
... analysis, security information event management platforms, endpoint threat detection tools, and security operations ticket management. This position will support activities within Special Access ...
They are seeking an Information Security Operations Center Analyst to manage information security risks, detect and respond to security threats, and ensure the confidentiality, integrity, and ...
They are seeking an Information Security Operations Center Analyst to manage information security risks, detect and respond to security threats, and ensure the confidentiality, integrity, and ...
Colorado Springs, CO · On-site
$86K - $116K/yr
... analysis, security information event management platforms, endpoint threat detection tools, and security operations ticket management. This position will support activities within Special Access ...
New
Colorado Springs, CO · On-site
$86K - $116K/yr
... analysis, security information event management platforms, endpoint threat detection tools, and security operations ticket management. This position will support activities within Special Access ...
New
Colorado Springs, CO · On-site
$112K - $137K/yr
... analysis, security information event management platforms, endpoint threat detection tools, and security operations ticket management. This position will support activities within Special Access ...
Colorado Springs, CO · On-site
$112K - $137K/yr
... analysis, security information event management platforms, endpoint threat detection tools, and security operations ticket management. This position will support activities within Special Access ...
As a Brooks Information Security Operations Center (SOC) Analyst, you will primarily be responsible for day-to-day defense of enterprise technologies, computing assets and network infrastructure. You ...
As a Brooks Information Security Operations Center (SOC) Analyst, you will primarily be responsible for day-to-day defense of enterprise technologies, computing assets and network infrastructure. You ...
$112K - $137K/yr
... analysis, security information event management platforms, endpoint threat detection tools, and security operations ticket management. This position will support activities within Special Access ...
$112K - $137K/yr
... analysis, security information event management platforms, endpoint threat detection tools, and security operations ticket management. This position will support activities within Special Access ...
We are looking for experienced DOD Defensive Cyber Operations Analysts to work with our client(s ... Must have an active TS/SCI security clearance
We are looking for experienced DOD Defensive Cyber Operations Analysts to work with our client(s ... Must have an active TS/SCI security clearance
Springfield, IL · On-site
$80K - $112K/yr
Information Security Opening Date: 06/11/2026 Summary of Duties and Responsibilities Under the direction of the Chief Information Security Officer, the Cybersecurity Operations Analyst will be ...
Springfield, IL · On-site
$80K - $112K/yr
Information Security Opening Date: 06/11/2026 Summary of Duties and Responsibilities Under the direction of the Chief Information Security Officer, the Cybersecurity Operations Analyst will be ...
Norwalk, CT · On-site
Security Operations Analyst Full Time Norwalk, CT About the Company: Wilton Re is an industryleader in the life (re)insurance space, specializing in the acquisition of inforce life insurance and ...
Norwalk, CT · On-site
Security Operations Analyst Full Time Norwalk, CT About the Company: Wilton Re is an industryleader in the life (re)insurance space, specializing in the acquisition of inforce life insurance and ...
... analysis, security information event management platforms, endpoint threat detection tools, and security operations ticket management. This position will support activities within Special Access ...
... analysis, security information event management platforms, endpoint threat detection tools, and security operations ticket management. This position will support activities within Special Access ...
Milwaukee, WI · On-site
Title: Security Operations Analyst Company: Global Power Components - www.globalpowercomponents.com Location: Milwaukee, WI (onsite 5-days/week) Hire Type: Direct Hire Overview: Global Power ...
Milwaukee, WI · On-site
Title: Security Operations Analyst Company: Global Power Components - www.globalpowercomponents.com Location: Milwaukee, WI (onsite 5-days/week) Hire Type: Direct Hire Overview: Global Power ...
Title: Security Operations Analyst Company: Global Power Components - www.globalpowercomponents.com Location: Milwaukee, WI (onsite 5-days/week) Hire Type: Direct Hire Overview: Global Power ...
Quick apply
Title: Security Operations Analyst Company: Global Power Components - www.globalpowercomponents.com Location: Milwaukee, WI (onsite 5-days/week) Hire Type: Direct Hire Overview: Global Power ...
Security Operations Analyst Full Time Norwalk, CT About the Company: Wilton Re is an industryleader in the life (re)insurance space, specializing in the acquisition of inforce life insurance and ...
Security Operations Analyst Full Time Norwalk, CT About the Company: Wilton Re is an industryleader in the life (re)insurance space, specializing in the acquisition of inforce life insurance and ...
$108K - $203K/yr
We are looking for experienced DOD Defensive Cyber Operations Analysts to work with our client(s ... Must have an active TS/SCI security clearance As required by local law, Accenture Federal Services ...
$108K - $203K/yr
We are looking for experienced DOD Defensive Cyber Operations Analysts to work with our client(s ... Must have an active TS/SCI security clearance As required by local law, Accenture Federal Services ...
$17.55 - $21.48
4% of jobs
$21.48 - $25.42
5% of jobs
$25.42 - $29.35
9% of jobs
$29.35 - $33.28
1% of jobs
$35.95 is the 25th percentile. Wages below this are outliers.
$33.28 - $37.22
7% of jobs
$37.22 - $41.15
15% of jobs
$41.15 - $45.08
4% of jobs
The median wage is $46.61 / hr.
$45.08 - $49.02
9% of jobs
$49.02 - $52.95
11% of jobs
$54.50 is the 75th percentile. Wages above this are outliers.
$52.95 - $56.88
22% of jobs
$56.88 - $60.82
12% of jobs
$17
$44
$60
| Aspect | Security Operation Analyst | Security Engineer |
|---|---|---|
| Certifications | CompTIA Security+, CISSP, CEH | CISSP, GIAC Security Certifications, CEH |
| Work Environment | Monitoring security alerts, incident response, threat analysis | Designing security systems, implementing security solutions, infrastructure setup |
| Employer & Industry Usage | IT security teams in various industries, focusing on threat detection | Security architecture teams, focusing on system and network security design |
The Security Operation Analyst primarily monitors and responds to security incidents, focusing on threat detection and incident management. In contrast, the Security Engineer designs and implements security measures to protect organizational infrastructure. Both roles require relevant certifications and work within security teams, but their core responsibilities differ significantly.
Contractor
Re-posted 18 days ago
Duration: 01/26/2026 - 08/31/2026
Location: 701 W. 51st Austin, TX 78751.
The working position is On Site
The Software Developer II performs advanced (senior-level) software development work focused on designing, building, testing, and optimizing Microsoft Sentinel capabilities for department projects. This role is responsible for developing custom automation playbooks, analytics rules, behavioral models, connectors, and integrations to support SOAR and UEBA functionality. The position works under limited supervision with considerable latitude for initiative, independent judgment, and technical leadership.
Essential Job Functions (EJFs)
1. Microsoft Sentinel SOAR Development (40%)
· Designs, develops, tests, and deploys Sentinel SOAR automation playbooks using Azure Logic Apps, Azure Functions, ARM templates, and REST APIs.
· Creates automated workflows for alert enrichment, triage, response actions, notification processes, and case management.
· Integrates Sentinel with third-party systems (EDR, IAM, ticketing systems, email gateways, firewalls, etc.) to automate security operations.
2. UEBA & Analytics Engineering (30%)
· Develops custom UEBA detection rules, anomaly models, ML-based behavior patterns, and advanced hunting queries (KQL).
· Builds and maintains analytics content, data parsers, normalization rules, and entity behavior profiles.
· Evaluates behavioral anomalies and collaborates with cybersecurity teams to fine-tune detection logic.
3. SIEM Content Development & Platform Engineering (15%)
· Designs and implements custom data connectors, ingestion pipelines, and data transformation logic.
· Creates dashboards, workbooks, hunting queries, and detection-as-code assets.
· Performs platform tuning to improve performance, reduce noise, and align to MITRE Telecommunication&CK and Zero Trust principles.
4. Application Development & Integration (10%)
· Develops supporting code modules, scripts, microservices, and helper APIs using Python, PowerShell, .NET, or similar languages.
· Works with DevOps pipelines, CI/CD processes, version control, and infrastructure-as-code where applicable.
5. Documentation, Collaboration & Support (5%)
· Writes technical design documents, SOPs, architecture diagrams, and automation runbooks.
· Collaborates with DSHS, HHSC CISO Office, and cross-functional stakeholders on requirements, testing, and deployment.
· Provides Tier III support for Sentinel engineering issues and participates in after-action reviews when needed.
Knowledge, Skills, and Abilities (KSAs)
Knowledge of:
· Microsoft Sentinel architecture, SOAR, and UEBA capabilities.
· Azure cloud services, Logic Apps, Azure Functions, Event Hubs, Key Vault, and Azure AD.
· Security operations processes (triage, threat detection, incident response, threat modeling).
· MITRE Telecommunication&CK, NIST CSF, Zero Trust Architecture concepts.
· Programming and scripting languages (Python, PowerShell, KQL, C#, JavaScript, or equivalent).
· CI/CD pipelines, DevOps practices, and Git-based version control.
· API integrations and JSON/YAML structures.
Skills in:
· Building Logic App workflows and custom Sentinel automation playbooks.
· Writing complex KQL queries for analytics, hunting, and behavioral detection.
· Developing custom connectors, data maps, and parsers.
· Designing and optimizing UEBA detection models.
· Debugging SOAR workflows and resolving integration issues.
· Communicating technical information clearly to both technical and non-technical audiences.
Abilities to:
· Work independently and take ownership of complex development tasks.
· Translate security requirements into scalable technical solutions.
· Analyze threat behaviors and develop meaningful detections.
· Work collaboratively with cybersecurity, infrastructure, and application teams.
· Manage multiple work assignments and meet deadlines.